<?php

namespace App\Http\Middleware;
use App\Common\Result;
use Closure;

class VerifySign
{
    public function handle($request, Closure $next)
    {
        $params = $request->all();
        if(!isset($params['sign'])  && !isset($params['timestamp']) ){
            Result::msg('-1','error','签名失败');
        }

        $sign = $params['sign'];
        $timestamp = $params['timestamp'];
        if((time()-$timestamp)>5){
            Result::msg('-45','error','签名失效');
        }

        unset($params['sign']);
        unset($params['timestamp']);
        unset($params['avatar']);
        //秘钥
        $secret = '1dFlxLhiuLqnUZe9kA';

        ksort($params,0);
        $str = '';

        //参数签名
        foreach($params as $key=>$param){
            $str .= $key.$param;
        }
		
        //签名获得
        $service_api = md5($secret.$str.$timestamp.$secret);

        //对比签名
        if($service_api != $sign){
            Result::msg('-1','error','签名失败');
        }
        return $next($request);
    }
}